fkie_nvd - fkie_cve-2013-0522

fkie_cve-2013-0522

Vulnerability from fkie_nvd

Published

2018-07-16 14:29

Modified

2024-11-21 01:47

Severity ?

7.0 (High) - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531.

References

URL	Tags
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/82531	VDB Entry, Vendor Advisory
psirt@us.ibm.com	https://www-01.ibm.com/support/docview.wss?uid=swg21634508	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/82531	VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www-01.ibm.com/support/docview.wss?uid=swg21634508	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.2
ibm	lotus_notes	8.5.3
ibm	lotus_notes	9.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F13424F2-99E7-4CAA-B20A-0CFEECB8AF75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3909D1D3-DA30-46FE-8252-F44778766552",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531."
    },
    {
      "lang": "es",
      "value": "La caracter\u00edstica Notes Client Single Logon en IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 y 9.0 en Windows permite que usuarios locales descubran contrase\u00f1as mediante vectores relacionados con un mecanismo de comunicaci\u00f3n de un sistema operativo no especificado para la transmisi\u00f3n de contrase\u00f1as entre Windows y Notes. IBM X-Force ID: 82531."
    }
  ],
  "id": "CVE-2013-0522",
  "lastModified": "2024-11-21T01:47:43.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 1.9,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-07-16T14:29:00.277",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82531"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21634508"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82531"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21634508"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2013-0522 (GCVE-0-2013-0522)

Vulnerability from cvelistv5

Published

2018-07-16 14:00